home

uninstall.exe

360Amigo System SpeedUp

360Amigo Oy

The application uninstall.exe, “360Amigo System SpeedUp Installor” by 360Amigo Oy has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is the uninstaller utility registered in the Windows Control Panel for the program 360Amigo System Speedup Free by 360Amigo System SpeedUp. This file is typically installed with the program 360Amigo System Speedup PRO by 360Amigo. The file has been seen being downloaded from soft.mydiv.net and multiple other hosts.
Publisher:
360Amigo  (signed by 360Amigo Oy)

Product:
360Amigo System SpeedUp

Description:
360Amigo System SpeedUp Installor

Version:
1.2.1.8200

MD5:
bc03478a399c62616329f8f00de006b1

SHA-1:
d7005d040be4b5e223f90afc9c1b128ce13b09e2

SHA-256:
03417f8eb04658b62dbc0bde1c3c194352f5d2b8bc4691d3f068297b0bd37578

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 1:02:23 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Optional.Installer.360AmigoOy.J
14.2.22.23

File size:
9.7 MB (10,131,744 bytes)

Product version:
1.2.1

Copyright:
Copyright 2012 by 360Amigo

Trademarks:
360Amigo

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\uninstall.exe

Digital Signature
Signed by:
360Amigo Oy

Authority:
VeriSign, Inc.

Valid from:
7/28/2012 8:00:00 PM

Valid to:
7/29/2013 7:59:59 PM

Subject:
CN=360Amigo Oy, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=360Amigo Oy, L=Helsinki, S=Helsinki, C=FI

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7369CB538B18E218534A606B0904BBA4

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:uprU6JsDq0ind2OEKUfv/SJ1qKQfyurNCYoHfYCxgrbR+pvnXutz86+JxuMT0rzw:udBKfiVGu3kl4fYCIN+lXz

Entry address:
0x12FF0C

Entry point:
55, 8B, EC, B9, 09, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, 57, B8, 1C, FB, 52, 00, E8, CB, 68, ED, FF, 33, C0, 55, 68, 40, 04, 53, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 72, FF, 52, 00, 64, FF, 32, 64, 89, 22, E8, 86, 5A, F6, FF, 83, F8, 05, 7F, 19, 8B, 0D, 9C, 45, 53, 00, 8B, 09, B2, 01, A1, 24, 7C, 40, 00, E8, E5, D2, ED, FF, E8, 90, 3C, ED, FF, 33, C0, 5A, 59, 59, 64, 89, 10, EB, 23, E9, C1, 3A, ED, FF, 01, 00, 00, 00, 24, 7C, 40, 00, 83, FF, 52, 00, 8B, 40, 04, E8, 45, 60, F6, FF, E8...
 
[+]

Entropy:
6.5565

Developed / compiled with:
Microsoft Visual C++

Code size:
1.2 MB (1,242,624 bytes)

Program Uninstaller
Program name:
360Amigo System Speedup Free

Display publisher:
360Amigo System SpeedUp

Display version:
1.2.1.8200

Uninstall string:
C:\Program files\360Amigo\Uninstall.exe /REMOVE


The file uninstall.exe has been discovered within the following program.

360Amigo System Speedup PRO  by 360Amigo
360Amigo System Speedup is a tool of Windows that works quickly in identifying the problem and fix it if there are some mistakes that result in slow system performance.
www.360amigo.com
56% remove it
 
Powered by Should I Remove It?

The file uninstall.exe has been seen being distributed by the following 13 URLs.

http://soft.mydiv.net/win/dlfileccd51_231218/.../360amigofreesetup-1.exe

http://soft.mydiv.net/win/dlfile17825_231218/.../360amigofreesetup-1.exe

http://www.storage.programosy.pl/360amigofreesetup_[www.programosy.pl].exe

http://www.pcspece.pl/.../360amigofreesetup_[www.programosy.pl].exe

http://www.programosy.pl/.../pobierz,360amigo-system-speedup-free,2.html

http://download1us.softpedia.com/dl/f3a224c12634443dc104ba0957676549/53ba8c31/100161394/software/.../360amigofreesetup.exe

http://esd.element5.com/affiliate.html?affiliateid=70900&publisherid=200114144&target=http://download.softpedia.com/dl/06df7d5bc9ce9632bf2d3c1e8fdec71b/55394717/100161394/software/.../360amigofreesetup.exe

http://esd.element5.com/affiliate.html?affiliateid=70900&publisherid=200114144&target=http://download1us.softpedia.com/dl/4815d357f98b588ac665423a47e915a2/54103da4/100161394/software/.../360amigofreesetup.exe

http://download1uk.softpedia.com/dl/9f86cf28cfbc2f596d6e6443592b8b66/53ed4e97/100161394/software/.../360amigofreesetup.exe

http://besplatnye-programmy.com/.../download.php?id=421

http://download1us.softpedia.com/dl/5976867b4d5e29b921c5d75d9cb5b4aa/53bae9f1/100161394/software/.../360amigofreesetup.exe

http://www.360amigo.com/.../360amigofreesetup.exe

http://software-files-a.cnet.com/s/software/13/05/86/.../360amigofreesetup.exe

Remove uninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.